Report on System Intrusion: Analysis of Premera Blue Cross Case Study

Verified

Added on 2020/04/21

AI Summary

This report provides an analysis of the system intrusion experienced by Premera Blue Cross, a health insurance company. The intrusion, which was discovered in January 2015, targeted over 11 million customers' records, including sensitive information such as Social Security numbers, credit card numbers, and medical records. The report details the vulnerability of this information to insurance and banking fraud, as well as the company's response. Premera implemented measures such as offering free credit monitoring, installing an intrusion detection system, and advising customers on password security. The analysis highlights the importance of proactive cybersecurity measures and the impact of data breaches on both organizations and individuals, drawing on references from the healthcare and IT industries. This report serves as a case study on the consequences of cyberattacks and the importance of robust security protocols.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

UNIT:
NAME:
DATE:

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

System Intrusion
The following write-up is a discussion on system intrusion, information targeted and changes
made to a system a case study of Premera Blue Cross. Premera Blue is a health insurance and not
for profit company with headquarters in Washington DC. The company has more than 2.5
million customers. The company system intrusion was discovered on January 2015. It was
suspected that the system was hacked from May 2014.
The system intrusion in Premera Blue Cross targeted customers’ information. It took up more
than 11 million customers’ records (Murphy, 2017). The intrusion was successful and was
detected by iSight that found suspicious domain that spoofed the official Premera website. The
information targeted included; Social Security numbers, credit card numbers, email and mailing
address, clinical information, and phone numbers. This information is vulnerable to insurance
fraud and blackmail to the company’s customers (Saleem et al., 2008). The information could
also be used for banking fraud as a result of the information breach (Snedaker, 2013).
Medical records and bank records are valuable to cybercrime and it was important for the
company to make changes and control vulnerability. First, the Company embarked on offering a
two years free credit monitoring to all affected customers. Secondly, the company installed an
intrusion detection system (IDS) that was meant to monitor the system for any malicious
activities. Lastly, the company advised it customers to change their passwords, security
questions, and avoid clicking email links or files from suspicious emails (Snedaker, 2013). These
change ensured that the system is monitored for future attacks and information breached was not
to be used by the attackers.

References
Murphy, C. J. (2017). Healthcare Industry Held Hostage: Cyberattacks and the Effect on
Healthcare Critical Infrastructure (Doctoral dissertation, Utica College).
Saleem, K., Luis, S., Deng, Y., Chen, S. C., Hristidis, V., & Li, T. (2008, May). Towards a
business continuity information network for rapid disaster recovery. In Proceedings of
the 2008 international conference on Digital government research (pp. 107-116). Digital
Government Society of North America.
Snedaker, S. (2013). Business continuity and disaster recovery planning for IT professionals.
Newnes.